package cn.autumnorange.app.user.consumer.authorization.security.security;

import cn.autumnorange.app.common.rpc.exception.JsonException;
import lombok.Getter;
import lombok.Setter;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

@Getter
@Setter
public class JsonAccessDeniedHandlerImpl implements AccessDeniedHandler {

  public JsonAccessDeniedHandlerImpl(JsonException jsonException) {
    this.jsonException = jsonException;
  }

  private JsonException jsonException;

  @Override
  public void handle(
      HttpServletRequest httpServletRequest,
      HttpServletResponse httpServletResponse,
      AccessDeniedException e)
      throws IOException, ServletException {
    jsonException.jsonException(
        httpServletRequest, httpServletResponse, e, HttpStatus.FORBIDDEN.value());
  }
}
